Showing 1 - 4 of 4

CVE-2009-0585

Status Candidate

Overview

Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.

Related Files

Mandriva Linux Security Advisory 2009-081: Posted Mar 27, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-081 - An integer overflow in libsoup Base64 encoding and decoding functions enables attackers either to cause denial of service and to execute arbitrary code. This update provides the fix for that security issue.; tags | advisory, denial of service, overflow, arbitrary; systems | linux, mandriva; advisories | CVE-2009-0585; SHA-256 | 0218a675d4af22d7953ff8facbadd56fc42d0d245c1acf552ca37aaa99c6e354; Download | Favorite | View

Debian Linux Security Advisory 1748-1: Posted Mar 24, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1748-1 - It was discovered that libsoup, an HTTP library implementation in C, handles large strings insecurely via its Base64 encoding functions. This could possibly lead to the execution of arbitrary code.; tags | advisory, web, arbitrary; systems | linux, debian; advisories | CVE-2009-0585; SHA-256 | 1f4b63ede43694dd4314bde597b03ac678c793aeb27c9bb4ba71472bfff595f1; Download | Favorite | View

Ubuntu Security Notice 737-1: Posted Mar 16, 2009; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice USN-737-1 - It was discovered that the Base64 encoding functions in libsoup did not properly handle large strings. If a user were tricked into connecting to a malicious server, an attacker could possibly execute arbitrary code with user privileges.; tags | advisory, arbitrary; systems | linux, ubuntu; advisories | CVE-2009-0585; SHA-256 | f874a8bcf1deb0809b7e56c5833224376f539f277c373bf447e52e2715662ad5; Download | Favorite | View

Open Source CERT Security Advisory 2008.15: Posted Mar 12, 2009; Authored by Will Drewry, Open Source CERT | Site ocert.org; Base64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.; tags | advisory, arbitrary, vulnerability, code execution; advisories | CVE-2008-4316, CVE-2009-0585, CVE-2009-0586, CVE-2009-0587; SHA-256 | 53bba693225b9b5a30ee3d26bab42447350b5931b378ef7725720712448ef169; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2009-0585

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems